I call it MSSP 2.0 because what went before, MSSP 1.0, was not something most organizations would be interested in. The first evolution of managed security services was a response to the complications that arose from Intrusion Detection products (IDS). Netrex (acquired by ISS), Guardant (acquired by Verisign), and Riptech (now Symantec) offered firewall rule management and IDS log management. But their customers would still be responsible for their own network security and would have to purchase and maintain the rest of the security products that became necessary to protect their networks.
Just as one of the primary drivers for UTM is the need to do content URL filtering, MSSP 2.0 vendors offer this service as well. Gateway anti-virus, bandwidth management, remote access via SSL, WiFi access points, and redundant Internet connects are all services you can get from the new breed of MSSPs, all for one low monthly price.
The business model for the IDS monitoring MSSPs did not work to well. Counterpane, one of the first, absorbed over $100 million in venture backing before being sold to BT for less than that. Verisign divested itself of its MSSP service by selling it to SecureWorks for an undisclosed fraction of the $140 million they bought it for. The reason? Price. They typical service was priced at $1,000/month/device. An organization with a single gateway firewall plus IDS would be paying at least $2,000 a month. If they had multiple locations the costs would get out of hand. Those that did buy the service could justify it by comparing the price to maintaining a staff of network security professionals. Those without security staffs could not justify it.
So what is different now? The answer is all-in-one gateway security devices that lend themselves to remote management. A UTM device is a firewall, AV, anti-spam, IPS, URL filter, SSL VPN, router, and bandwidth shaper all in one hardened appliance. An MSSP can drop ship a pre-configured device to a customer site, talk someone though the install procedure, and provide complete gateway security services at prices below $500/month/location. Because the MSSP manages hundreds of devices they get an economy of scale that allows them to provide 24X7 coverage, comprehensive reporting and alerting, and signature updates at this low price.
In the 1980s and 1990s, business applications and data were largely confined within and protected by a Local Area Network (LAN). The 2000s introduced a significant change. Download this white paper now to learn why the shift to the cloud is changing how companies think about and manage their IT infrastructure. more
Microsoft moved to the cloud in 2014, and, as a result, Office 365 is taking off. Now, Okta customers are connecting to Office 365 in increasing numbers. This eGuide explains why IT departments should plan and deploy solutions around identity and mobility management in concert with their Office 365 roll out to get maximum user adoption. more
For most companies, Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) play a central role in coordinating identity and access management policies. When on-premise applications are integrated to Active Directory or LDAP, users get the best possible experience. That's why Okta's cloud-based identity and access management service provides a highly useful single integration point. more
With more and more businesses adopting Software-as-a-Service (SaaS) applications, enterprise IT is fundamentally changing. This whitepaper presents the eight biggest Identity and Access Management (IAM) challenges associated with adopting and deploying cloud and SaaS applications, and discusses best practices for addressing each of them. more